From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 24F8DCEACFA for ; Tue, 1 Oct 2024 18:48:34 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id AADC92800DB; Tue, 1 Oct 2024 14:48:33 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id A5DB3280068; Tue, 1 Oct 2024 14:48:33 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 8FDE42800DB; Tue, 1 Oct 2024 14:48:33 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id 6F75A280068 for ; Tue, 1 Oct 2024 14:48:33 -0400 (EDT) Received: from smtpin08.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id 1C7F21C7267 for ; Tue, 1 Oct 2024 18:48:33 +0000 (UTC) X-FDA: 82625919306.08.D1053E6 Received: from mout-p-101.mailbox.org (mout-p-101.mailbox.org [80.241.56.151]) by imf25.hostedemail.com (Postfix) with ESMTP id 0BAFBA0003 for ; Tue, 1 Oct 2024 18:48:30 +0000 (UTC) Authentication-Results: imf25.hostedemail.com; dkim=pass header.d=cyphar.com header.s=MBO0001 header.b=ppaifXUB; spf=pass (imf25.hostedemail.com: domain of cyphar@cyphar.com designates 80.241.56.151 as permitted sender) smtp.mailfrom=cyphar@cyphar.com; dmarc=pass (policy=reject) header.from=cyphar.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1727808446; a=rsa-sha256; cv=none; b=aQMR09BLiINhyGTlOEAXhW8ByOBCBgF8quTZh+Zjmfh/Aa/bQlDUFudY7PLVPFa4lgQYAv p4/S8UMBg20J7fr1j5IlKePIrTB6r18pAYneK1yDa/wAjMF4OSO/th4lDD63fywI4e4OUX sXnorlB60KZZVyiA7Nc8YyGxsKXv0nc= ARC-Authentication-Results: i=1; imf25.hostedemail.com; dkim=pass header.d=cyphar.com header.s=MBO0001 header.b=ppaifXUB; spf=pass (imf25.hostedemail.com: domain of cyphar@cyphar.com designates 80.241.56.151 as permitted sender) smtp.mailfrom=cyphar@cyphar.com; dmarc=pass (policy=reject) header.from=cyphar.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1727808446; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=fdrBQP3bUQTRkSAN5X0Ar51E6rJtrMZnr+nnaX4bGRY=; b=2/eWycrZbUrAE7gV6mo6ufmMFzOh0K/W/8WxA/+urZ9SQI2Bk2xs7NbADBwSpddQyJgXrF tYtMUZWoTj1t350ePt23JSKrOvlfXAUSV5USOqg1MjCGXNWVwnNItmtxOyz5eGcbxOgm4Q 31pfGvV+k464mh1J1YmVtR4ggpFgSxI= Received: from smtp102.mailbox.org (smtp102.mailbox.org [IPv6:2001:67c:2050:b231:465::102]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-101.mailbox.org (Postfix) with ESMTPS id 4XJ6Qd1vMTz9spH; Tue, 1 Oct 2024 20:48:25 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cyphar.com; s=MBO0001; t=1727808505; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=fdrBQP3bUQTRkSAN5X0Ar51E6rJtrMZnr+nnaX4bGRY=; b=ppaifXUBL5l2kuCJ8egHIfyZh/zpcMPobazbgCznTK2IAulMQs4Xfuhv+ErhMJfoQ2Utgz NH85pxly39WgRC6bMazehTB41rN+k7WkcsEz6h61o+62hn+cE8VgHQQcASXI0+ffzU14Lr AO6Jv86KT/NB+ffeid5eJXelt79dlRmqNs3qYfmlXssc5smHJgGfAmdN/4Q7alSMZLrUHp PcpWAzTVJw9K0DLbYH2fznGpSsujduRUHzAHIlKSvjfmyAlBg4+E6LvUKVABn+SBPeZ1Dd D/mpIfN4x/Q7fX28AolTkOIiEGS7LrAgNWVudmdEds65Jqb63KiLWltYBKg5yw== Date: Tue, 1 Oct 2024 20:48:06 +0200 From: Aleksa Sarai To: Tycho Andersen Cc: Alexander Viro , Christian Brauner , Jan Kara , Eric Biederman , Kees Cook , linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, Tycho Andersen , Zbigniew =?utf-8?Q?J=C4=99drzejewski-Szmek?= Subject: Re: [PATCH v3 1/2] exec: fix up /proc/pid/comm in the execveat(AT_EMPTY_PATH) case Message-ID: <20241001.184625-homely.tarps.selfish.shotgun-bJjSBGdHDLKb@cyphar.com> References: <20241001134945.798662-1-tycho@tycho.pizza> <20241001.175124-western.preview.meager.saws-pzvpWxOhfokt@cyphar.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="wd2o7flkl4ghydpi" Content-Disposition: inline In-Reply-To: <20241001.175124-western.preview.meager.saws-pzvpWxOhfokt@cyphar.com> X-Stat-Signature: ehfcaoea7yx6us9rgcm7dz6xdrt15qex X-Rspamd-Queue-Id: 0BAFBA0003 X-Rspam-User: X-Rspamd-Server: rspam10 X-HE-Tag: 1727808510-722660 X-HE-Meta: U2FsdGVkX1/PHdmJ5Vd8RN8eIr1HEER0B0W1OteytYju5bSgrulrdaxwEleeL3jA+H1RI6rXRje4igda1Q5+RthrHBiIDRK74QqNtc0jWWT5+UEGJJexM5XmQuAEBvtMYkz1rrqmDLp5c++8TSecC4WZ6P+dEqid6lSq3TQOg7FMUisJqVInCxs0TBxm1h46qFkn5Qak2nAGRyXNVb4PF27peCu7m6Bl9Vsd2g1veP3I54231fgtqZgwmp2Cm/xfTO6ORtCmPZXSGQlrchDVSGtTXSDmGxfIYMod/xQfjzgWT3OTL5aeLcx0wfpk6r6OUWx3TLZkNkTR56xdODvDHREsRdZ9W0DI3t+1L70lxGh9TK7FcdPuWSqUv6D9Z3a+qBhOrgIJTCLabXlD7yjlSQEi6wtQn/83HbxA+dbDhrWT9u8ycvuPCepsKnrr/4yx5R5xqPC7G4YG+yd9F545T26hxsNbH0NLX+9JtRGhen1yf6VFgx1YJvWtbKAQ5u2mDfBz+qXiFMvoz6ghWSpkwO3b9Z+Pnq9uYecNZPFyk9L4vDPi31gPXHyW7hd291ao32Q1VufgmWFlAtT3rDNP/LJaNN1H82MVsIi7+i37hIy7inH/2DXu8Ty+egSMfXFC+QgIvmDAUJDGgDAPmoV8OwYryNeZXesrOZodUhjaThHWXsxI08rYeFfPSFwF9CzcAeD4wcNB+44uub/kM3j3zjUT5Mvspuq2FuPDotHSHYbD2lBc8CUK+BcfOFcvWFCKOseYSGUjWGR3g6s6LH8rMrvuOh5DV1Tq20CNNqwaIzPSFlsIkjsvp8PP4OW5po/H5a2nNeh/8rIejuArb8sD+EtMfIHkzt6IobJgabyjSrfVZ42zGS+zgb5h+O8nOhXZiTOv8GKPMyos4r6BM5qXPJf9gCpBhxNxTX7rOqEfuvJbdhZjhgPn0bdt+j5QcuM8/+pLgxYU4KLXxKDeYcd vcKxCXEA AUzHQ7ymmx6+ojKJQRN4t8TEjaZ/xP5hSSdv3++41n+7ILpDxUhcermQuidX1Gzaf4Mj0tD3IBkJVtyBfB4S3OBtAkBlW97IChFNg7621+OH1zNmeALclTN1BE3Gal9X596kxYIM3VUE9g4jL8QRDwVfjoLVb4WCjI0rpt+SrKTMnMDMQahn3qzqdH0RCv6F4weaFkr8EIAREU3Ix5B0xx7b5qpmNWgqV/aheW3NNve/jLTNpxew4bkA0Nbmvl8hxeO+AQ6zWXW1wpmeWWgeQj1PrUNeXMy9ZnFr4iRjxz8I2dQIgF0E2Coqecn26H1J1gWUr6LnRvPeKt0gLVgqe846SYzD2uB6zuSeiYmfkGNOFpFF9oRJI98WCGO6DJDDpC386YBWyQSjA4RUCiosbety9wu5p9HpdZIX5bQ3l4thKP3rbzpqK9ysQRRjRznJvbwbZBYB/2KhOcx3/3UiXx8zOk/Axn2cJGEZezOr3qH3v5kpOQ3BEB/fiPQ== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: --wd2o7flkl4ghydpi Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2024-10-01, Aleksa Sarai wrote: > On 2024-10-01, Tycho Andersen wrote: > > From: Tycho Andersen > >=20 > > Zbigniew mentioned at Linux Plumber's that systemd is interested in > > switching to execveat() for service execution, but can't, because the > > contents of /proc/pid/comm are the file descriptor which was used, > > instead of the path to the binary. This makes the output of tools like > > top and ps useless, especially in a world where most fds are opened > > CLOEXEC so the number is truly meaningless. > >=20 > > Change exec path to fix up /proc/pid/comm in the case where we have > > allocated one of these synthetic paths in bprm_init(). This way the act= ual > > exec machinery is unchanged, but cosmetically the comm looks reasonable= to > > admins investigating things. >=20 > While I still think the argv[0] solution was semantically nicer, it > seems this is enough to fix the systemd problem for most cases and so we > can revisit the argv[0] discussion in another 10 years. :D Of course, this assumes the busybox problem I mentioned really is not an issue. But at least this option is "less wrong" than using the fd number. I suspect we will eventually need the argv[0] thing. > Reviewed-by: Aleksa Sarai >=20 > > Signed-off-by: Tycho Andersen > > Suggested-by: Zbigniew J=C4=99drzejewski-Szmek > > CC: Aleksa Sarai > > Link: https://github.com/uapi-group/kernel-features#set-comm-field-befo= re-exec > > --- > > v2: * drop the flag, everyone :) > > * change the rendered value to f_path.dentry->d_name.name instead of > > argv[0], Eric > > v3: * fix up subject line, Eric > > --- > > fs/exec.c | 13 ++++++++++++- > > 1 file changed, 12 insertions(+), 1 deletion(-) > >=20 > > diff --git a/fs/exec.c b/fs/exec.c > > index dad402d55681..9520359a8dcc 100644 > > --- a/fs/exec.c > > +++ b/fs/exec.c > > @@ -1416,7 +1416,18 @@ int begin_new_exec(struct linux_binprm * bprm) > > set_dumpable(current->mm, SUID_DUMP_USER); > > =20 > > perf_event_exec(); > > - __set_task_comm(me, kbasename(bprm->filename), true); > > + > > + /* > > + * If fdpath was set, execveat() made up a path that will > > + * probably not be useful to admins running ps or similar. > > + * Let's fix it up to be something reasonable. > > + */ > > + if (bprm->fdpath) { > > + BUILD_BUG_ON(TASK_COMM_LEN > DNAME_INLINE_LEN); > > + __set_task_comm(me, bprm->file->f_path.dentry->d_name.name, true); > > + } else { > > + __set_task_comm(me, kbasename(bprm->filename), true); > > + } > > =20 > > /* An exec changes our domain. We are no longer part of the thread > > group */ > >=20 > > base-commit: baeb9a7d8b60b021d907127509c44507539c15e5 > > --=20 > > 2.34.1 > >=20 >=20 > --=20 > Aleksa Sarai > Senior Software Engineer (Containers) > SUSE Linux GmbH > --=20 Aleksa Sarai Senior Software Engineer (Containers) SUSE Linux GmbH --wd2o7flkl4ghydpi Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQS2TklVsp+j1GPyqQYol/rSt+lEbwUCZvxD5gAKCRAol/rSt+lE b6K4AP0bkE8XQim5jTCFtZmavfUnJ3zLtIlqABmpFfxf4uq8AAD+KW/IsgZGoAu7 ov97H3FBDh8FdTxrCOEcruXb8xQQnwU= =1uQQ -----END PGP SIGNATURE----- --wd2o7flkl4ghydpi--